State-aware fuzzer is implemented based on AFLNet. To parse the protocol, it follows the same paradigm as AFLNet, which uses embedded C functions to parse a test input into a sequence of request messages and to extract the protocol state from response messages. A new protocol can be supported by extending these functions. PPG uses Graphviz to record the state information and writes it to the file ipsm.dot, which can be viewed with Graphviz online. PPG also records extra information related to state transitions (e.g., which message triggers the maximum resource consumption) and writes it in JSON format to the file champion_josn.
Monitor is implemented on top of Linux's /proc filesystem. The main body of Monitor is a loop: when Medusa starts its monitor process, Monitor continuously reads the /proc filesystem inside that loop. To improve the efficiency of Monitor, we do not use a wrapper library for the /proc filesystem (e.g., psutil); instead, we use file operations to access the /proc filesystem directly and parse the resource consumption from the file content. Furthermore, since /proc is a Linux virtual filesystem whose content is regenerated every time it is read, we design the access sequence in the loop carefully to avoid repeatedly calling the file open and close system calls. Specifically, we call file open once at the initialization of Monitor; then, in the loop, before each call to file read, we call lseek to move the file pointer back to the head of the file. This implementation trick significantly improves the efficiency of Monitor.
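The open-once, rewind-then-read polling loop described above, as an added Python example that is not Medusa's own Monitor code: it samples CPU ticks and resident pages from /proc/<pid>/stat, using the field numbering from proc(5); the function and class names are assumptions of this example.

```python
import os
import time


def parse_proc_stat(content: str) -> dict:
    """Extract CPU ticks and resident pages from the text of /proc/<pid>/stat."""
    # comm (field 2) is parenthesised and may contain spaces or ')', so split
    # after its end; proc(5) field N then sits at list position N - 3.
    fields = content[content.rindex(")") + 1:].split()
    return {
        "utime": int(fields[14 - 3]),      # field 14: user-mode clock ticks
        "stime": int(fields[15 - 3]),      # field 15: kernel-mode clock ticks
        "rss_pages": int(fields[24 - 3]),  # field 24: resident set size in pages
    }


class ProcMonitor:
    """Open /proc/<pid>/stat once; rewind and re-read it on every sample."""

    def __init__(self, pid=None):
        path = "/proc/self/stat" if pid is None else f"/proc/{pid}/stat"
        self.fd = os.open(path, os.O_RDONLY)

    def sample(self) -> dict:
        # /proc regenerates the content on each read, so rewinding with lseek
        # yields a fresh snapshot without an open()/close() pair per poll.
        os.lseek(self.fd, 0, os.SEEK_SET)
        return parse_proc_stat(os.read(self.fd, 4096).decode())

    def close(self):
        os.close(self.fd)


def peak_usage(pid=None, samples=10, interval=0.01):
    """Poll `samples` times; return the peak of each metric, or None without /proc."""
    try:
        mon = ProcMonitor(pid)
    except OSError:
        return None
    peak = {"utime": 0, "stime": 0, "rss_pages": 0}
    try:
        for _ in range(samples):
            cur = mon.sample()
            for key in peak:
                peak[key] = max(peak[key], cur[key])
            time.sleep(interval)
    finally:
        mon.close()
    return peak
```

`peak_usage(None)` monitors the calling process itself; pass the target's pid to watch a fuzzed server, and keep `interval` small so short-lived consumption spikes are not missed.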